CVE-2022-42724
on github
Published
Severity
CVSS v3:
4.3 MEDIUM
CVSS v2:
N/A
Description
app/Controller/UsersController.php in MISP before 2.4.164 allows attackers to discover role names (this is information that only the site admin should have).
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:misp-project:malware_information_sharing_platform:*:*:*:*:*:*:*:* | n/a | 2.4.164 | * |